1. Field of the Invention
This invention relates to the field of data processing systems. More particularly, this invention relates to the alerting of an out-of-date update status of a malware scanner of the type that, for example, scans for computer viruses, Trojans, worms, banned files or e-mails containing banned words.
2. Description of the Prior Art
It is known to provide malware scanners, such as anti-virus scanners, e-mail scanners etc, which serve to protect against what can be the serious damage produced by malware. As an example, an anti-virus scanner may inspect computer files on an on-access basis or an on-demand basis to identify if they contain any known computer viruses or computer files having virus like properties.
As new threats emerge it is important that any malware scanners are updated to contain new malware definition data to enable them to identify new viruses or the like, as well as occasionally having scanner engine updates to enable them to keep up-to-date with new malware threats that are posed. Within an organisation there is a considerable administrative load associated with ensuring that all the computers used by an organisation have the latest versions of the virus or banned word definition data and/or the scanning engine. As an example, each individual desktop PC and laptop computer of an organisation may have anti-virus computer software running upon it that require keeping up-to-date. Even if only a small number of individual computers are not using the latest engine and driver data, the possibility of damage to these computers by newly released threats is significant and harmful to the organisation concerned.
One possibility for addressing this problem would be to have an agent running on each computer with a malware scanner, the agent serving to notify the malware scanner's update status to a central source in order that the update status can be managed and updates made more reliable. However, such an agent continuously running on each computer solely for the purpose of monitoring the update status of the associated malware scanner represents a significant disadvantageous processing overhead.
It is known to provide scanning systems for e-mail, such as Microsoft Virus Scanning API for MS Exchange, that stamp an e-mail with a vendor name and version number of the scanning system in order to enable e-mail systems subsequently handling that same e-mail to determine whether or not a further scan of that e-mail is necessary.